11-18-2005 10:44 PM - edited 02-21-2020 12:32 AM
dhcp server----pix-----dhcp clients
is it possible to have a dhcp server machine located on say the inside interface and the dhcp clients are on the dmz?
thanks
Solved! Go to Solution.
11-18-2005 11:51 PM
a feature named dhcprelay should resolve your issue. i've done the opposite, i.e. the dhcp server on the outside and the client on the inside. nonetheless, i guess the command "dhcprelay" should do.
e.g.
dhcprelay server 192.168.2.2 inside
dhcprelay enable dmz
11-18-2005 10:50 PM
Hi Palacio
You cannot do this because the inside interface and the DMZ are on different broadcast domai!! you can use the pix as dhcp server on the DMZ interface but I don't know you architecture or you need.
Best Regards
11-18-2005 11:07 PM
what i was planning is putting a static command
static (inside, dmz) 192.168.2.2 192.168.1.2
where 192.168.1.2 is the dhcp server in the inside
and 192.168.2.2 is the ip address traslation to the dmz.
i understand that dhcp queery is on broadcast, and by this rule if my users on the dmz are doing this queery, isnt it 192.168.2.2 will catch that traffic and forward it to the dhcp server coz it was map into it by our static command?
11-18-2005 11:20 PM
No the pix act on layer 3 and above dhcp (boadcast) is layer 2, and when using access-list you specify IP, TCP or UDP you cannot specifie DHCP!!!
My question is why you need DHCP if you use the pix as dhcp server dose it solve your problem?
Regards
11-19-2005 02:22 AM
customer dont want to put the dhcp burden on the pix. hence he has a dedecated dhcp machine
11-19-2005 02:36 AM
the way i posted is to relay the dhcp request. i.e. when pix receives the dhcp request broadcast from dmz interface, it will then relay the request to the pix inside interface dhcp server. in other words, pix doesn't act as a dhcp server, but a dhcp relay agent.
11-18-2005 11:51 PM
a feature named dhcprelay should resolve your issue. i've done the opposite, i.e. the dhcp server on the outside and the client on the inside. nonetheless, i guess the command "dhcprelay" should do.
e.g.
dhcprelay server 192.168.2.2 inside
dhcprelay enable dmz
11-19-2005 03:52 AM
great answer..ive tried both directions and its ok..
thanks a lot.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide